The present invention relates to a network apparatus and a communication controlling method, and specifically to a network apparatus whose power source is turned ON and OFF as part of its normal operating mode, and to a communication controlling method employed in that network apparatus during the sequence in which the power source is turned OFF.
To conduct communications safely in a network system while maintaining their security, a cryptographic communication method, in which encrypted data are communicated bilaterally between the apparatuses in the network, has been employed. In such a cryptographic communication method, the two nodes that are to communicate with each other create a key for encryption/decryption processing, and exchange and/or share the information necessary for the cryptographic communication between them, such as key information, a term of validity, etc. (hereinafter referred to as cryptographic communication information), so as to establish the communication between them.
Suppose that cryptographic communication is conducted between a network apparatus “A” and another network apparatus “B”, with the network apparatus “B” serving as the receiver of the encrypted data sent from the network apparatus “A”. If the cryptographic communication information held by the network apparatus “B” is lost because the network apparatus “B” is rebooted after a malfunction, the network apparatus “A” has no means of recognizing that the network apparatus “B” has lost the cryptographic communication information. For this reason, the network apparatus “A” continues to transmit encrypted data to the network apparatus “B” until the term of validity has elapsed, but the network apparatus “B” discards the received data without decrypting it, since it cannot decrypt the data without the cryptographic communication information.
To cope with the abovementioned problem, it would be possible to store the cryptographic communication information in advance in a nonvolatile storage medium, such as an HDD (Hard Disc Drive). However, doing so heightens the risk of leaking the information, which runs against the original object of protecting the security of the communication, and it is therefore not desirable as a solution to the abovementioned problem.
Against this background, various recovery methods have been proposed for the event that the cryptographic communication information has been lost. For instance, Tokkai 2005-20215 and Tokkai 2003-204349 (both Japanese Patent Application Laid-Open Publications) set forth methods in which, when a malfunction has occurred, the other party is notified of the malfunction after the rebooting operation has completed.
The prior art of Tokkai 2005-20215 and Tokkai 2003-204349 assumes that the network apparatus in question is always active during normal operation. However, a network apparatus that consumes a large amount of electric power, or whose frequency of use fluctuates widely, is operated in such a manner that, as its normal operating mode, its power source is turned OFF when the apparatus is not actually in use and turned ON only when it is actually in use. Accordingly, in such a network apparatus, the rebooting operation is conducted not only when a malfunction occurs, but also every time its power source is turned ON.
Therefore, in such a network apparatus, every time its power source is turned OFF, it becomes impossible to restore the communication until the term of validity has elapsed. In addition, every time its power source is turned OFF, unnecessary encrypted data are transmitted through the network until the next rebooting operation (turning its power source ON) is conducted, which increases not only the burden of cryptographic communication processing on the other party, but also the load on the network.
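The failure mode described above, as an added simulation that is not part of the original text: apparatus “B” keeps its cryptographic communication information only in volatile memory, loses it at power OFF, and “A” keeps sending until the term of validity elapses. The names `SA`, `Node` and `simulate`, the timings, and the use of an HMAC tag as a stand-in for encryption are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

@dataclass
class SA:
    """Cryptographic communication information: key plus term of validity."""
    key: bytes
    expires_at: int  # simulated seconds

@dataclass
class Node:
    sa: dict = field(default_factory=dict)  # peer name -> SA, volatile memory only
    accepted: int = 0
    discarded: int = 0

    def reboot(self):
        self.sa.clear()  # power OFF/ON loses everything held in RAM

    def send(self, peer, payload, now):
        sa = self.sa.get(peer)
        if sa is None or now >= sa.expires_at:
            return None  # term of validity elapsed: the sender finally stops
        return payload, hmac.new(sa.key, payload, hashlib.sha256).digest()

    def receive(self, peer, packet, now):
        payload, tag = packet
        sa = self.sa.get(peer)
        ok = sa is not None and now < sa.expires_at and hmac.compare_digest(
            tag, hmac.new(sa.key, payload, hashlib.sha256).digest())
        if ok:
            self.accepted += 1
        else:
            self.discarded += 1  # no key material: data is dropped unprocessed
        return ok

def simulate(lifetime, power_off_at, interval):
    """Return (accepted, discarded) packet counts seen by B."""
    key = os.urandom(32)  # constructed sample key
    a, b = Node(), Node()
    a.sa["B"], b.sa["A"] = SA(key, lifetime), SA(key, lifetime)
    for now in range(0, lifetime + interval, interval):
        if now >= power_off_at and b.sa:
            b.reboot()  # A receives no signal that this happened
        packet = a.send("B", b"data", now)
        if packet is None:
            break
        b.receive("A", packet, now)
    return b.accepted, b.discarded

if __name__ == "__main__":
    print(simulate(lifetime=3600, power_off_at=600, interval=10))
```

With a one-hour term of validity and a power OFF after ten minutes, every packet sent in the remaining fifty minutes is transmitted and then discarded.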
Further, if the method disclosed in Tokkai 2005-20215 or Tokkai 2003-204349 is employed in such a network apparatus, it becomes necessary to send the malfunction notification to the other party every time the rebooting operation is conducted, which makes the processing complicated and cumbersome. Still further, since the conventional method also requires a part of the cryptographic communication information to be stored, there has been the further problem that the security of the encrypted data is degraded.